My computer was infected a while ago with Spysheriff and I got rid of it. But I discovered a red circle with a white cross in my taskbar. When I move my mouse over it, it says 'Your computer is infected':

Answer:

This one is easy to get rid off.

Open the task manager (press Control+Alt+Del)

Select Processes and look for a process named 13242.exeor similar (a pattern of numbers) and kill this process.
Look for a process named Archive.exe and kill it as well.Note that the name of this other program may be different in your case - a known other name is tool2.exe .

Search your hard disk for the file name 13242.exe (or whatever number it may have been in your case). In my case this was in:
\Documents and Settings\user1\Lokale Einstellungen\Temp
Other users reported to have found these files in c:\Windows.

As you can see in the screenshot, I found a LOT of executable files there, most of them the length 0. I could not delete those files until I had killed process 'Archive.exe'.

The file archive.exe was entered as an auto-start in the registry here:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Can u help me please? I have the same problem and it keeps re-installing antispyware!!! its soooooooo fucking annoying!!! i have windows xp

2006-01-05, 23:40:27

anonymous from United States

just reboot your computer dude

2006-01-06, 10:00:39

anonymous from Canada

i do not have any of those in my processes....other ways to identify?

2006-01-08, 11:20:12

anonymous from Indonesia

i also have the same problem just today, and i can not find any of the files mentioned above. But the again i'm not sure what kind of ad/spy ware infecting my PC. but it does leave the same sign. Can any one tell me waht to do??

2006-01-09, 17:08:33

dennis26miles@msn.com from United States

i have something new with our freindly spysheriff. it has made a large sale sheet my homepage. i got rid of everything so that it is gone from my regedit, and add/rmove -- but it has:

It has a downloadable script that will remove those hooks in the registry, or you can do it manually. Afterwards you should delete that file - atlyd32.exe will be either in

C:\WINDOWS\atlyd32.exe or in
C:\WINDOWS\SYSTEM32\atlyd32.exe

2006-01-10, 03:08:59

NPK from Nepal

Plese tell me, are the files x.exe, tool2.exe,tool3.exe,tool4.exe,tool5.exe also the reasons of the message? Are these files created by secure32 or spysheriff ???

2006-01-11, 02:16:11

vi from Australia

i have the exact same problem but i cant find 13242.exe or archive.exe in my processess, ive got tool2.exe and ive deleted it over and over again. but it keeps happening.

2006-01-18, 08:34:09

[hidden] from United Kingdom

I could not find the files you mentioned

2006-01-18, 10:07:52

anonymous from United Kingdom

Great help kept going and finally got rid of all except small red circle wot white cross as cannot find the files mentioned to remove it

2006-01-24, 10:14:39

anonymous from United Kingdom

Thaks a bunch. worked first time. That was so annoying

2006-01-26, 08:35:59

Finally... from Turkey

I have cleaned up that crazy thing finally.First I did the things above.But this was useless.I run a program called Faber Toys which is the advenced of Windows task Manager.I found the tool2.exe in otomatic works when start up.I killed that one!Now I am glad.Thanks for everything

2006-01-27, 13:28:30

anonymous from United States

answer: stop looking at porn all day long - that is where these programs come from

2006-02-03, 20:35:36

anonymous from Australia

Does anyone know how I can delete these fuckers. I have scanned through them and allthough the properties info suggests where they are being sourced from, they are obviously hidden or will not let me delete them as I get pop ups saying the program is still running.

2006-02-03, 22:37:21

anonymous from United States

Hello - Microsoft has a free beta2 spyware program that deletes spysheriff and its variants (pest trap, etc.). It works and cleans out the program. Then search the web for 'spysheriff wallpaper remove' to find the right settings to restore your wallpaper and other items. Depending on your variant, the instructions are slightly different, but not difficult. Good luck.